const jwt = require('jsonwebtoken')

const generateToken = (user) => {
  return jwt.sign(
    { id: user.userId, username: user.username, role: user.role },
    process.env.JWT_SECRET || 'default_secret',
    { expiresIn: process.env.JWT_EXPIRES_IN || '24h' }
  )
}

const verifyToken = (token) => {
  return jwt.verify(token, process.env.JWT_SECRET || 'default_secret')
}

module.exports = { generateToken, verifyToken }
